Set Me Straight Please

  • Hello all,

    I'm new to pfsense and have been using M0n0wall for at least a year now for our office router.  The one flaw in M0n0wall is that it does not have load balancing.  So I'm trying out PFSense and downloaded/installed RC2 to a test system with 4 NICs.  I want to have my 2 local networks and 2 Internets into one box.

    I have been reading all the tutorials and some forum topics to try and figure out how to setup the load balancing feature.  I have to have everything setup correctly right off the bat because a lot of our servers are live and can only be down for a short bit.

    The problem is all the tutorials and walk throughs are from the freaking beta versions or older then RC2.  Things have changed since then so most these tutorials are crap from my understanding.

    So my question is do I really need to setup NAT for the load balancing or can I just set everything up in the Firewall rules with rules like…

    Proto    Source    Port    Destination    Port      Gateway          Description
      *        LAN Net      *            *              *      LoadBalancer      LAN>Balancer

    I was reading the Wiki on outgoing loadbalancing and it says this.....

    Create NAT-Rules for your WAN-POOL (now optional, only needed if you use advanced outbound NAT for something else too)

    Says now optional..... does that mean for RC2?

    Thank you for your help!

  • Yeah, the wiki is appropriate. We now generate outbound NAT automatically for all interfaces that have a gateway set. If you don't need advanced outbound nat for some special application you simply can skip this step. All you then need is a pool and appropriate firewallrules to utilize loadbalancing and/or policybased routing. I suggest first transferring your m0n0 install 1:1 to the pfSense setup without pool and loadbalancing. Make sure your pfSense setup works the way m0n0 did after that. Then add your OPT-WAN. Create the pool. If a a pool is not referenced by a rule it won't be used. Check status>loadbalancer if all gateways go online. Then create a rule at LAN with source a single IP of a testclient and destination any at the top of your LAN rules. Use the pool as gateway for this rule. Now you can test with that client if your setup works whereas all other clients/servers will still use a non loadbalanced setup. If you are satisfied with the way it works modify your rules at LAN so other machines make use of loadbalancing too.

Log in to reply